packages security warnings

[d.oertel]

@ cshields

As I told, normally there should be no problem, if the netbios name is used.
But my experience with different versions of windows servers are small.
So perhaps you will need some registry entries that must be used at Vista/2008:

Code: Alles auswählen

[Registry_hklm_set_depotshare_trusted]
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$INST_DepotServer$] 
set "file"=reg_dword:0x00000001 
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
set "AutoDetect"=reg_dword:0x00000000 
set "IntranetName"=reg_dword:0x00000001 
set "ProxyByPass"=reg_dword:0x00000001 
set "UNCAsIntranet"=reg_dword:0x00000001 

where $INST_DepotServer$ have to be replaced with the netbios name of the opsi server.

Getting feedback on this issue would be fine.

@fabi

Strange,
I have seen this problem only once.
The situation was, that the netbios name resolution was very slow and the name resolution via DNS was fast.
So at mount time the box mounted the share with the from the netbiosname resolved dns-name
and so it was not trusted.
Perhaps you could call
net use
in a DosInAnIcon Section and post the result.

A second approach is to trust the DNS-Name

Code: Alles auswählen

openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$INST_DepotServer$] 
set "file"=reg_dword:0x00000001 

where $INST_DepotServer$ have to be replaced with the DNS-name or the IP numberof the opsi server.

does this help ?

regards

detlef oertel

[fabi]

Unfortunately it doesn't... I tried both the ip-adress and the FQDN but it didn't help.

And I ran "net use" in a DosInAnIcon section, the result was pretty strange, it said that there are no entries in the list. But there's definately an existing connection to the opsi share, I called the section afterwards a setup was executed from the share. That simply doesn't make sense to me.

[d.oertel]

Hi fabi,

it is very strange.

You could try the following:
There is a new preloginloader which replaces the preloginvista.
You will find it at:
http://download.uib.de/abo/vista/testing/
To do:

1. Upgrade your opsi-server with the lenny repository (even if the server run under etch)
2. Read the installation manual http://download.uib.de/abo/vista/testin ... lation.pdf
3. Install the packages from http://download.uib.de/abo/vista/testing/
4. Install the new preloginloader at the client
5. Test
6. Feedback

good luck

detlef oertel

[fabi]

Thanks a lot, i'll test it on friday!

[fabi]

Wow, that did the job, it's working now! But do you have any idea why it does?

Never mind, thanks for your help and your patience!!